and here is the .php file which is being called from the above javascript function:
<?php
ob_start();
// set your infomation.
$dbhost='localhost';
$dbusername='xxxxx';
$dbuserpass='xxxxx';
$dbname='xxxxx';

//checks cookies to make sure they are logged in
if(isset($_COOKIE['xxxxxxxx'])) {
$username = $_COOKIE['xxxxxxxxx'];
$pass = $_COOKIE['xxxxxxx'];
$check = mysql_query("SELECT * FROM USERS WHERE username = '$username'") or die(mysql_error());
while($info = mysql_fetch_array( $check )) {
//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password']) {
header("Location: http://localhost/login.php");
}
//otherwise they are shown the admin area
}
}
else {
//if the cookie does not exist, they are taken to the login screen
header("Location: http://localhost/login.php");
}